VMware: We're building one of the biggest SDN deployments in the industry

VMware hopes to make the networking components of its soon-to-be-released vCloud Hybrid Service one of its biggest selling points, and in doing so the company plans to build one of the largest software-defined networking (SDN) deployments in the industry.

It should come as no surprise that VMware is hoping to focus the conversation on networking; after all, the company dropped $1.2 billion last year to buy Nicira, a darling of the budding software-defined networking movement.

"We're an aggressive user of SDN technology," says Mathew Lodge, VMware's VP of cloud services. VMware's vCloud Hybrid Service will include a high-volume, low-latency networking architecture, and pretty much everything other than x86-based networking switches will be managed by software, he says.

VMware's networking capabilities will be based on the technology it bought from Nicira, combined with elements of its security and networking features from before the acquisition. Customers will be able to create their own virtual networks and configure them as they choose, install firewalls and set access policies within the network, and replicate and delete networks within the system. Pretty much anything that could have been done in a physical network with boxes and hardware, VMware can do using software controlled through application programming interfaces (APIs), Lodge adds.

As an example, a customer could create a separate network for traffic between an on-premises application from SAP and a database in the cloud. The segmentation technology allows only database traffic to travel in that tunnel. "It's a complete virtual network," Lodge says. "We're one of the biggest users of our own technology."

Rolling out such virtual networking features is central to the entire premise of the vCloud Hybrid Service, Lodge says. One of the biggest draws for VMware's public cloud, he says, is that it's the easiest way to migrate legacy applications that run in on-premises environments managed by VMware onto the public cloud. Customers can use the same VMware management platform running in their own data centers as in VMware's public cloud, creating this hybrid cloud service.

To enable that connection between the public cloud and on-premises resources, VMware had to provide not only a network topology that allows this hybrid connectivity, but also security and networking features, such as load balancing, firewalling and segmentation.

VMware isn't the only one to provide this type of capability. But Paul Burns, an analyst at Neovise, is happy to see this functionality come to the cloud. "It's been an area of the cloud that providers have been lacking in," he says about granular control of networks. "It's one of the things that have kept traditional enterprise apps out of the cloud. Even if customers felt the cloud was reliable, they didn't feel like they could configure the network appropriately."

AWS boasts about the broad range of options it has related to networking features, including offering customers dedicated, single-tenant hardware (which comes with a premium price), as well as the ability to create security groups for access control to AWS resources, including the networks; to create and delete subnets; and to have hardware or software-based virtual private networking (VPN) tools.

Burns, the Neovise analyst, says other smaller providers, like ProfitBricks, have similar options for granular controls of networking features, so it's not just the mega-players. Burns expects this functionality to be commonplace in the market within the coming years. As for how VMware's capabilities compare to those from Amazon, Rackspace or even ProfitBricks, Burns says that's wait-and-see -- VMware's service isn't even generally available yet.

VMware's vCloud Hybrid Service -- which is hosted in colocation facilities around the country and through partner data centers -- is currently in a limited preview for select customers and is expected to be generally available by the third quarter of this year.

Network World senior writer Brandon Butler covers cloud computing and social collaboration. He can be reached at BButler@nww.com and found on Twitter at @BButlerNWW.
